Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6b8f6f39-f637-434c-84f1-a8371e897703.roa
File: 6b8f6f39-f637-434c-84f1-a8371e897703.roa (raw, json)
Hash identifier: 3/yfLGa8e1zFJSBB42nzkjcT7rFrBvPvgXZD363tr/E=
Subject key identifier: EE:60:37:D2:A9:EC:33:7B:F4:62:56:49:FC:DC:DF:E4:31:F6:68:AE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4F7D129225068A9EC53BB5BB6F8B4886C9B7BF5A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6b8f6f39-f637-434c-84f1-a8371e897703.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.129.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:7d:12:92:25:06:8a:9e:c5:3b:b5:bb:6f:8b:48:86:c9:b7:bf:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:69:33:8e:72:c5:e7:88:ef:d6:67:02:60:df:
33:41:2b:06:6e:90:c1:ca:a9:a3:f5:48:5e:48:10:
99:f7:8c:fa:42:d6:68:e6:9a:8f:bf:32:20:73:8e:
7d:70:cc:29:62:ac:f2:c3:ea:52:82:c3:7e:44:d3:
09:d8:dd:5b:f7:54:e8:70:64:04:c0:8d:5e:f3:18:
2a:72:c8:64:7c:5e:0b:99:88:d2:78:3b:ac:10:ab:
0f:0b:49:8e:dd:ff:ff:0e:08:4f:38:79:d2:33:38:
fc:6e:71:9d:00:68:59:c1:04:e3:76:ae:a7:fe:5f:
bf:1b:8f:a6:8e:b0:b6:a1:1b:21:3e:bd:e6:29:1a:
e9:2b:20:4c:bc:2a:6d:5b:7d:20:ab:02:18:43:a9:
1d:c5:2a:e2:e5:70:c3:90:69:0d:51:e9:8d:34:62:
69:53:79:2b:de:fc:4c:2a:d1:7c:62:06:fb:62:e4:
f9:82:07:1c:50:03:77:39:3e:f2:c6:3e:13:44:8a:
8a:66:be:35:ff:c7:04:42:0a:18:0a:1f:53:fe:f3:
b2:c1:65:d9:e5:84:25:42:94:15:d3:00:cd:29:69:
fd:b6:88:68:59:b6:d6:a5:99:64:ac:d3:30:4f:5b:
ab:c1:d0:38:bc:ec:98:46:f9:54:58:e1:ab:86:5c:
09:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:60:37:D2:A9:EC:33:7B:F4:62:56:49:FC:DC:DF:E4:31:F6:68:AE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6b8f6f39-f637-434c-84f1-a8371e897703.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
03:f1:ab:0e:ed:d3:7a:67:60:58:1e:9f:f7:19:96:32:47:50:
62:d5:9f:43:ab:2e:1a:b2:e1:98:e6:82:11:34:38:e9:5b:2c:
da:a2:3a:9d:01:8b:56:6a:87:95:ca:44:43:f0:73:58:ad:59:
6c:9b:61:46:c9:f2:18:a0:1d:8c:f2:4e:1d:4e:be:c4:be:64:
c1:d8:7a:73:68:78:92:ed:ba:f8:3a:ee:3a:a7:07:13:09:23:
2f:86:b6:b2:32:7a:f9:19:fa:16:7b:6f:af:37:5c:7c:79:55:
e8:23:93:57:67:65:ff:af:a9:aa:17:24:21:5b:b5:ae:f3:bb:
6e:72:04:bf:e5:96:fd:ff:a4:8d:c9:0b:3b:4a:46:f9:c9:00:
0d:38:69:47:15:61:ea:72:e5:04:a0:8d:da:e3:56:7d:db:f1:
b9:30:16:95:6d:63:43:da:9c:5a:77:a6:05:b7:84:ca:95:f2:
0d:e7:2c:f4:38:e7:08:45:81:3a:ca:ba:20:81:32:fa:29:9f:
f4:36:bc:30:b1:35:70:e2:62:69:a8:5f:8d:7d:c5:3f:d5:15:
14:83:d8:dc:5e:d9:f0:4d:4b:af:95:e0:93:d6:2e:84:7d:6b:
b2:2d:94:18:cf:c9:f7:6e:b1:d1:ee:e1:7f:aa:48:e6:89:de:
e4:11:d2:65
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUT30SkiUGip7FO7W7b4tIhsm3v1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3ZjM4ZjRiOGNhZWQxOWYyYzNlODE5MDk4YTlhNzUwNTUxZjNmZTZkZjc1
ZTM5MTE0NWVmZGJlMWJlNDQwMmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJpM45yxeeI79ZnAmDfM0ErBm6Qwcqpo/VIXkgQmfeM+kLWaOaaj78yIHOO
fXDMKWKs8sPqUoLDfkTTCdjdW/dU6HBkBMCNXvMYKnLIZHxeC5mI0ng7rBCrDwtJ
jt3//w4ITzh50jM4/G5xnQBoWcEE43aup/5fvxuPpo6wtqEbIT695ika6SsgTLwq
bVt9IKsCGEOpHcUq4uVww5BpDVHpjTRiaVN5K978TCrRfGIG+2Lk+YIHHFADdzk+
8sY+E0SKima+Nf/HBEIKGAofU/7zssFl2eWEJUKUFdMAzSlp/baIaFm21qWZZKzT
ME9bq8HQOLzsmEb5VFjhq4ZcCd8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTuYDfS
qewze/RiVkn83N/kMfZorjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmI4ZjZmMzktZjYzNy00MzRjLTg0ZjEtYTgzNzFlODk3NzAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G
CSqGSIb3DQEBCwUAA4IBAQAD8asO7dN6Z2BYHp/3GZYyR1Bi1Z9Dqy4asuGY5oIR
NDjpWyzaojqdAYtWaoeVykRD8HNYrVlsm2FGyfIYoB2M8k4dTr7EvmTB2HpzaHiS
7br4Ou46pwcTCSMvhrayMnr5GfoWe2+vN1x8eVXoI5NXZ2X/r6mqFyQhW7Wu87tu
cgS/5Zb9/6SNyQs7Skb5yQANOGlHFWHqcuUEoI3a41Z92/G5MBaVbWND2pxad6YF
t4TKlfIN5yz0OOcIRYE6yroggTL6KZ/0NrwwsTVw4mJpqF+NfcU/1RUUg9jcXtnw
TUuvleCT1i6EfWuyLZQYz8n3brHR7uF/qkjmid7kEdJl
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:13:48 2025 by rpki-client